[langdale,12/34] lighttpd: upgrade 1.4.66 -> 1.4.67

Message ID	d099203a342b8bbb35656b84c6488e8131cc8648.1667744095.git.steve@sakoman.com
State	New
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.179, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][langdale 12/34] lighttpd: upgrade 1.4.66 -> 1.4.67 Date: Sun, 6 Nov 2022 04:16:55 -1000 Message-Id: <d099203a342b8bbb35656b84c6488e8131cc8648.1667744095.git.steve@sakoman.com> In-Reply-To: <cover.1667744095.git.steve@sakoman.com> References: <cover.1667744095.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[langdale,01/34] vim: upgrade 9.0.0614 -> 9.0.0820 \| expand [langdale,01/34] vim: upgrade 9.0.0614 -> 9.0.0820 [langdale,02/34] libcap: upgrade 2.65 -> 2.66 [langdale,03/34] libical: upgrade 3.0.14 -> 3.0.15 [langdale,04/34] numactl: upgrade 2.0.15 -> 2.0.16 [langdale,05/34] wpebackend-fdo: upgrade 1.12.1 -> 1.14.0 [langdale,06/34] libksba: upgrade 1.6.0 -> 1.6.2 [langdale,07/34] libsdl2: upgrade 2.24.0 -> 2.24.1 [langdale,08/34] lttng-ust: upgrade 2.13.4 -> 2.13.5 [langdale,09/34] zlib: do out-of-tree builds [langdale,10/34] zlib: upgrade 1.2.12 -> 1.2.13 [langdale,11/34] mesa: update 22.2.0 -> 22.2.2 [langdale,12/34] lighttpd: upgrade 1.4.66 -> 1.4.67 [langdale,13/34] linux-yocto/5.15: update to v5.15.72 [langdale,14/34] linux-yocto/5.19: update to v5.19.14 [langdale,15/34] buildconf: compare abspath [langdale,16/34] vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack [langdale,17/34] linux-firmware: split rtl8761 firmware [langdale,18/34] linux-firmware: package amdgpu firmware [langdale,19/34] xserver-xorg: move some recommended dependencies in required [langdale,20/34] grub: disable build on armv7ve/a with hardfp [langdale,21/34] kern-tools: fix relative path processing [langdale,22/34] create-spdx: Remove ";name=..." for downloadLocation [langdale,23/34] systemd: add systemd-creds and systemd-cryptenroll to systemd-extra-utils [langdale,24/34] externalsrc.bbclass: fix git repo detection [langdale,25/34] wic: honor the SOURCE_DATE_EPOCH in case of updated fstab [langdale,26/34] externalsrc.bbclass: Remove a trailing slash from ${B} [langdale,27/34] gstreamer1.0-libav: fix errors with ffmpeg 5.x [langdale,28/34] kernel-yocto: improve fatal error messages of symbol_why.py [langdale,29/34] uboot-sign: Fix using wrong KEY_REQ_ARGS [langdale,30/34] kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all [langdale,31/34] kernel-fitimage: Use KERNEL_OUTPUT_DIR where appropriate [langdale,32/34] rust-target-config: match riscv target names with what rust expects [langdale,33/34] rust: install rustfmt for riscv32 as well [langdale,34/34] mirrors.bbclass: use shallow tarball for binutils-native

Message ID

d099203a342b8bbb35656b84c6488e8131cc8648.1667744095.git.steve@sakoman.com

State

New

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][langdale 12/34] lighttpd: upgrade 1.4.66 -> 1.4.67
Date: Sun,  6 Nov 2022 04:16:55 -1000
Message-Id: 
 <d099203a342b8bbb35656b84c6488e8131cc8648.1667744095.git.steve@sakoman.com>
In-Reply-To: <cover.1667744095.git.steve@sakoman.com>
References: <cover.1667744095.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[langdale,01/34] vim: upgrade 9.0.0614 -> 9.0.0820 | expand

Commit Message

Steve Sakoman Nov. 6, 2022, 2:16 p.m. UTC

From: wangmy <wangmy@fujitsu.com>

Changelog:
=============
  * Update comment about TCP_INFO on OpenBSD
  * [mod_ajp13] fix crash with bad response headers (fixes #3170)
  * [core] handle RDHUP when collecting chunked body
  * [core] tweak streaming request body to backends
  * [core] handle ENOSPC with pwritev() (#3171)
  * [core] manually calculate off_t max (fixes #3171)
  * [autoconf] force large file support (#3171)
  * [multiple] quiet coverity warnings using casts
  * [meson] add license keyword to project declaration

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7a399862bb2e1503fbffa18e7ec0767643f76132)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../lighttpd/lighttpd/CVE-2022-41556.patch    | 31 -------------------
 ...{lighttpd_1.4.66.bb => lighttpd_1.4.67.bb} |  3 +-
 2 files changed, 1 insertion(+), 33 deletions(-)
 delete mode 100644 meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
 rename meta/recipes-extended/lighttpd/{lighttpd_1.4.66.bb => lighttpd_1.4.67.bb} (96%)

diff --git a/meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch b/meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
deleted file mode 100644
index 284a5a3ea9..0000000000
--- a/meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
+++ /dev/null
@@ -1,31 +0,0 @@ 
-CVE: CVE-2022-41556
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From b18de6f9264f914f7bf493abd3b6059343548e50 Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstrauss@gluelogic.com>
-Date: Sun, 11 Sep 2022 22:31:34 -0400
-Subject: [PATCH] [core] handle RDHUP when collecting chunked body
-
-handle RDHUP as soon as RDHUP detected when collecting HTTP/1.1 chunked
-request body (and when not streaming request body to backend)
-
-x-ref:
-  https://github.com/lighttpd/lighttpd1.4/pull/115
----
- src/gw_backend.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/gw_backend.c b/src/gw_backend.c
-index df9d8217..5db56287 100644
---- a/src/gw_backend.c
-+++ b/src/gw_backend.c
-@@ -2228,7 +2228,7 @@ handler_t gw_handle_subrequest(request_st * const r, void *p_d) {
-                  *  and module is flagged to stream request body to backend) */
-                 return (r->conf.stream_request_body & FDEVENT_STREAM_REQUEST)
-                   ? http_response_reqbody_read_error(r, 411)
--                  : HANDLER_WAIT_FOR_EVENT;
-+                  : (rc == HANDLER_GO_ON) ? HANDLER_WAIT_FOR_EVENT : rc;
-             }
- 
-             if (hctx->wb_reqlen < -1 && r->reqbody_length >= 0) {
diff --git a/meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb b/meta/recipes-extended/lighttpd/lighttpd_1.4.67.bb
similarity index 96%
rename from meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb
rename to meta/recipes-extended/lighttpd/lighttpd_1.4.67.bb
index 78978105b2..838881f238 100644
--- a/meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb
+++ b/meta/recipes-extended/lighttpd/lighttpd_1.4.67.bb
@@ -14,13 +14,12 @@  RRECOMMENDS:${PN} = "lighttpd-module-access \
                      lighttpd-module-accesslog"
 
 SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.xz \
-           file://CVE-2022-41556.patch \
            file://index.html.lighttpd \
            file://lighttpd.conf \
            file://lighttpd \
            "
 
-SRC_URI[sha256sum] = "47ac6e60271aa0196e65472d02d019556dc7c6d09df3b65df2c1ab6866348e3b"
+SRC_URI[sha256sum] = "7e04d767f51a8d824b32e2483ef2950982920d427d1272ef4667f49d6f89f358"
 
 DEPENDS = "virtual/crypt"

[langdale,12/34] lighttpd: upgrade 1.4.66 -> 1.4.67

Commit Message

Patch